﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Web.Security;
using System.Security.Principal;
using MvcDeviceManager.Service;
using MvcDeviceManager.Controllers;
using MvcDeviceManager.Models;

namespace MvcDeviceManager.Filter
{
    public class AuthorizeFilterAttribute : FilterAttribute, IAuthorizationFilter
    {
        RoleAuthorityService authorityService=new RoleAuthorityService(); 

        public void OnAuthorization(AuthorizationContext filterContext)
        {
            //if (filterContext.ActionDescriptor.ControllerDescriptor.ControllerName.Equals("Login"))
            //{
            //    return;
            //}
            //else
            //{
            //    bool isNew = filterContext.HttpContext.Session.IsNewSession;
            //    bool isTimeOut = (filterContext.HttpContext.Session[Constant.LOGIN_USER] == null);
            //    if (isNew || isTimeOut)
            //    {
            //        if (filterContext.HttpContext.Request.IsAjaxRequest())
            //        {
            //            object data = new { error = "对不起，对不起系统超时，请重新登陆后再试！" };
            //            JsonResult result = new JsonResult();
            //            result.Data = data;
            //            filterContext.Result = result;
            //        }
            //        else
            //        {
            //            filterContext.Result = new RedirectResult("~/Login/LogOn?error=aaa");
            //        }
            //        return;
            //    }
            //}
            bool isAuth = true;
            RolePrincipal user = (RolePrincipal)filterContext.RequestContext.HttpContext.User;
            //if (user == null)
            //{
            //    isAuth = false;
            //    System.Diagnostics.Trace.WriteLine("user is null");
            //    // filterContext.HttpContext.Response.Redirect("/Login/LogOn");
            //}
            //else if (user.Identity.IsAuthenticated)
            //{
                isAuth = DatabaseAuthorization(filterContext);
                //   DatabaseAuthorization(filterContext);
                System.Diagnostics.Trace.WriteLine("user is Authenticated");
            //}
            //else
            //{
            //    isAuth = false;
            //    //user.Identity.IsAuthenticated = false;
            //    System.Diagnostics.Trace.WriteLine("user is not Authenticated");
            //}
            if (!isAuth)
            {
                if (filterContext.HttpContext.Request.IsAjaxRequest())
                {
                    object data=new { error = "对不起，您无权执行此操作！" };
                    JsonResult result = new JsonResult();
                    result.Data = data;
                    filterContext.Result = result;
                }
                else
                {
                    filterContext.Result = new HttpUnauthorizedResult();
                }
                
            }
            
        }
        public bool DatabaseAuthorization(AuthorizationContext filterContext)
        {

            string[] roles = Roles.GetRolesForUser(filterContext.HttpContext.Session[Constant.LOGIN_USER].ToString());
            if (roles.Length > 0)
            {
                IList<RoleAuthority> ras = (IList<RoleAuthority>)filterContext.HttpContext.Session[Constant.ROLE_AUTHORITY];
                foreach (RoleAuthority ra in ras)
                {
                    if (ra.Controller.Equals(filterContext.ActionDescriptor.ControllerDescriptor.ControllerName) &&
                        ra.ActionId.Equals(filterContext.ActionDescriptor.ActionName))
                    {
                        return true;
                    }
                }
               // return authorityService.hasAuthority(roles, filterContext.ActionDescriptor.ActionName, filterContext.ActionDescriptor.ControllerDescriptor.ControllerName);
            }
            return false;
        }

    }
}